CLAIMS 



What Is Claimed Is: 
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1. A secret key generation method for generating 
secret keys to be sent from a center to entities^ 
comprising the step of: 

generating said secret keys peculiar to said 
10 entities using pieces of information resulting from 
division of information specifying each of said entities. 

2. An encryption method for use in a system in 
which a center sends to entities secret keys peculiar to 

15 the entities respectively, and each entity uses a secret 
key peculiar to itself that has been sent from the center 
when it encrypts plaintext to ciphertext, the encryption 
method comprising the steps of: 



20 entities using pieces of information resulting from 
division of information specifying each of said entities; 
and 

encrypting plaintext to ciphertext using a common 
key generated using a component contained in the secret 
25 key peculiar to an entity that is a sender of the 
ciphertext, the component corresponding to one or more 



generating said 



secret 



keys peculiar to said 




pieces of information specifying another entity that is a 
destination of the ciphertext. 

3, A cryptographic communications method for 
5 communications of information between entities wherein a 
plurality of centers are provided, each of which 
generates secret keys peculiar to the entities using 
divided pieces of information resulting from division of 
information specifying each of the entities; one entity 

10 generates a first common key using a first component 
contained in secret keys peculiar to the one entity sent 
from the centers, encrypts plaintext to ciphertext using 
the first common key and sends the ciphertext to another 
entity, the first component corresponding to one or more 

15 of the divided pieces of information specifying said 
another entity; and said another entity generates a 
second common key identical to the first common key using 
a second component contained in secret keys peculiar to 
the another entity sent from said centers, and decrypts 

20 said ciphertext to the original plaintext using the 
second common key, the second component corresponding to 
one or more of the divided pieces of information 
specifying the one entity, 

25 4. A cryptographic communications method for 

communicating information between entities wherein: 
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] 

secret keys peculiar to said entities are sent from 
a center to said entities; 

one entity encrypts plaintext to ciphertext using a 
first common key derived from a first secret key peculiar 
5 to the one entity sent from said center and sends the 
ciphertext to another entity; 

said another entity decrypts said ciphertext to the 
original plaintext using a second common key identical to 
the first common key, the second common key being derived 
10 from a second secret key peculiar to said another entity 
sent from said center, characterized in that; 

a plurality of said centers are deployed; 

each of said plurality of centers generates secret 
keys peculiar to said entities by adding random numbers 
15 peculiar to said entities to divided pieces of 
information resulting from division of information 
specifying each of said entities; and 

each of said entities generates a common key using a 
component, contained in the secret key peculiar to that 
20 selfsame entity, corresponding to one or more of the 
divided pieces of information specifying an opposite 
entity • 

5. The cryptographic communications method 
25 according to claim 4, wherein computation formulas for 
generating secret keys at said centers are as follows: 
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S7T= g"'"''' (mod P) 



Si2=ai2H2 Cli2^ (mod P-1) 



5 SiK=aiKHK CliK^ (mod P-1) 

where 

vector Sij is a secret key corresponding to j • th 
piece of divided information specifying 

10 entity i(j=l, 2, ,K) 

[vector lij] is j ' th piece of divided information 
specifying entity i; 
P is a prime number; 

K is number of divisions in the information 
15 specifying entity i; 

g is primitive element for GF (P); 

Hj is a symmetrical 2" x 2" matrix made up of 

random numbers ; 
M' is sLzQ~ of divisions in the information 
20 specifying entity i; and 

aij is a personal secret random number for 

entity i (where an ... aiK = 1 (mod P-1)). 

6 . The cryptographic communications method 
25 according to claim 5, wherein computation formulas for 
generating common keys at said entities are as follows: 
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_ HiCliJ C I -HkC I CI^] . ^, ^. 
where 

5 Kim is common key generated by one entity i for 

another entity m; and 
vector Sij [vector Iij] is a component contained 
in secret key vector sij of entity i, 
corresponding to divided piece of 
10 information specifying entity m. 

7. A common key generator provided at entities in 
a cryptographic communications system for generating 
common keys to be used in processing to encrypt plaintext 

15 into ciphertext and in processing to decrypt ciphertext 
into plaintext, comprising: 

storage means at each entity for storing secret keys 
peculiar to each respective entity produced for 
respective pieces of information resulting from division 

20 of information specifying each of said respective 
entities ; 

selection means for selecting components 
corresponding to pieces of information specifying 
opposite entities to be communicated with, from among the 
25 secret keys stored; and 
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means for generating said common keys using said 
components so selected, 

8. A cryptographic communications system for 
5 reciprocally performing, between a plurality of entities, 

encrypting processing for encrypting plaintext that is 
information to be sent into ciphertext and decrypting 
processing for decrypting ciphertext so sent back into 
original plaintext; comprising: 
10 a plurality of centers that generate secret keys 

peculiar to said entities using pieces of information 
resulting from division of information specifying each of 
said entities and that sends said secret keys to said 
entities; and 

15 a plurality of entities each of which generates a 

common key employed mutually in said encryption and 
decryption processing when communicating with another 
entity, using a component contained in own secret key 
sent from the centers, the component corresponding to one 

20 or more pieces of information specifying said another 
entity, 

9 . A computer readable recording medium that 
stores a program that generates at entities involved in 

25 communications common keys used in processing to encrypt 
plaintext to ciphertext and in processing to decrypt said 
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ciphertext to said plaintext in a cryptographic 
communications system, comprising: 

first program code means for causing said computer 
to select a component corresponding to one or more of 
5 divided pieces of information specifying one entity from 
a secret key peculiar to another entity; and 

second program code means for causing said computer 
to generate said common keys using said components 
selected. 

!? 10 

iq 10 • An encryption method comprising the steps of: 

in generating a first secret key peculiar to ciphertext 

tn sending entity using first divided specifying information 

and a second secret key peculiar to ciphertext receiving 
iy 15 entity using second divided specifying information, the 

first divided specifying information being obtained by 
dividing specifying information of the ciphertext sending 
entity into a plurality of blocks and the second divided 
specifying information being obtained by dividing 
2 0 specifying information of the ciphertext receiving entity 
into a plurality of blocks; 

generating a common key using a component contained 
in the first secret key, the component corresponding to 
second divided specifying information of the ciphertext 
25 receiving entity, the common key having a structure of at 
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least three layers and an exponent portion of the common 
key having a multi-layer structure; and 

encrypting plaintext to ciphertext using the common 

key. 



11. A secret key generation method comprising the 
step of: 

generating secret keys peculiar to entities using 
divided specifying information resulting from division of 
10 information specifying said entities into a plurality of 



information has a multi-layer structure; and 

each of secret keys for remaining blocks of divided 
15 specifying information has a single-layer structure. 

12. An encryption method comprising the steps of: 
generating secret keys peculiar to entities using 
divided specifying information resulting from division of 
20 information specifying said entities into a plurality of 
blocks; and 

encrypting plaintext to ciphertext at one entity 
using a common key generated using a component contained 
in the secret key peculiar to the one entity, the 
25 component corresponding to divided specifying information 



5 



blocks; and wherein 



secret key for a first block of divided specifying 
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for another entity to which said ciphertext is to be sent, 
and wherein 

secret key for first block of divided specifying 
information has a multi-layer structure; and 
5 each of secret keys for remaining blocks of divided 

specifying information has a single-layer structure. 

13. A cryptographic communications method for 
communications of information between entities wherein a 

10 plurality of centers are provided, each of which 
generates secret keys peculiar to the entities using 
divided specifying information resulting from division of 
information specifying each of the entities into a 
plurality of blocks; one entity generates a first common 

15 key using a first component contained in secret keys 
peculiar to the one entity sent from the centers, 
encrypts plaintext to ciphertext using the first common 
key and sends the ciphertext to another entity, the first 
component corresponding to one or more of the divided 

20 pieces of information specifying said another entity; and 
said another entity generates a second common key 
identical to the first common key using, a second 
component contained in secret keys peculiar to the 
another entity sent from said centers, and decrypts said 

25 ciphertext to the original plaintext using the second 
common key, the second component corresponding to one or 
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more of the divided pieces of information specifying the 
one entity; secret keys for first block of divided 
specifying information have a multi-layer structure; and 
secret keys for remaining blocks of divided specifying 
5 information have a single-layer structure, 

14, A secret key generation method for generating 
secret keys peculiar to entities using divided specifying 
information resulting from division of information 
10 specifying said entities into a plurality of blocks, 
wherein: 

computation formulas for generating said secret keys 
are as follows: 
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Sii =aiHiCiii] + e ,1 I 



Si, =aiH3-Cl,,] + 1 



'eTT=S^'^^'^ (mod N) 



■g-^=ga. TSii (mod N) 

_ ► 2 

■glT^g^i Si 1 > (^rnod N) 



~T=e"i (mo d N) 



25 where 



vector Sij is a secret key corresponding to j * th 
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divided specifying information for entity 
i(j=l, 2, ...,K) 
[vector lij] is j ' th divided specifying 
information for entity i; 
5 vector 1 is a vector of dimension K wherein all 

components are 1 ; 

Hj is a symmetrical 2"^ x 2"^ matrix made up of 

random numbers ; 
Mj is size of j * th divided specifying 
10 information for entity i; 

K is number of block divisions in information 

specifying entity i; 
<Xi is a personal secret random number for entity 
i (where gcd (ai, ?^(N) ) = 1 and X( * ) is 
15 Carmichael function); 

N is such that N = PQ (where P and Q are 
prime) ; 

Pij is a personal secret random number for 
entity i (where Pn + Pi2 + . . . + Pik = 

20 >^(N)); 

g is maximum generating element with modulo N; 
vector git is a secret key for 1st block of 

specifying information for entity i (t = 0, 

1/ 2 f m m , f 

25 T is degree of exponent portion; and 
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if c is a scalar, and A and B are matrixes 
represented in (i) and (ii) below, then the 
expressions B = and B = <A>^ represent (iii) 
and (iv) below, respectively. 

(i) A = ( a^y ) 

(ii) B= (b^,) 



10 (iii) b^^ = c^^^ 



(iv) h = a ^ 



15 15. An encryption method wherein: 

secret keys peculiar to entities are generated using 
divided specifying information resulting from division of 
information specifying each of said entities into a 
plurality of blocks; 

20 plaintext is encrypted to ciphertext at one entity 

using a common key generated using a component contained 
in the secret key peculiar to the one entity, the 
component corresponding to divided specifying information 
for another entity that is a destination of said 

25 ciphertext; and 

computation formulas for generating said secret keys 
peculiar to said entities are as follows: 

S~r=aiHi[T;r3 + /3u^ 
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I 
I 
I 



Si 0 = g i (mo d N) 



-J~T=s"-^ "^Sii (mod N) 

_ ^ 2 

5 "iTt^^g"! "^^ > (jnod N) 

I 
I 

■i7f=g«r'^< (mod N) 

I 
I 
I 

T~T^&^''^^ ^''^ (mod N) 
where 

10 vector sij is a secret key corresponding to j'th 

divided specifying information for entity 
i(j=l, 2, ...,K) 
[vector lij] is j'th divided specifying 
information for entity i; 
15 vector 1 is a vector of dimension K wherein all 

components are 1 ; 
Hj is a symmetrical 2"^ x 2"^ matrix made up of 

random numbers ; 
Mj is size of j • th divided specifying 
2 0 information for entity i; 

K is number of block divisions in information 

specifying entity i; 
Ui is a personal secret random number for entity 
i 

2 5 (where gcd (ai, X.(N)) = 1 and X( • ) is 
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Carmichael function) ; 
N is such that N = PQ (where P and Q are 
prime ) ; 

Pij is a personal secret random number for 
5 entity i 

(where Pn + pi2 + • . • + Pik = >^(N)); 
g is maximum generating element with modulo N; 
vector git is a secret key for 1st block of 

specifying information for entity i (t = 0, 

10 1 , 2 , . . • , T) ; 

T is degree of exponent portion; and 
if c is a scalar, and A and B are matrixes 
represented in (i) and (ii) below, the 
expressions B = c^ and B = <A>'' represent (iii) 

15 and (iv) below, respectively, 

(i) A = ( a^, ) 

(ii) B = ( b^, ) 



20 



25 



(iv) 5 = a ^ 



16. The encryption method according to claim 15, 
wherein computation formulas for generating said common 
keys are as follows : 



30 go im~ S io t Itnl^ 
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St i m~ S iT Iml^ 



X2 i m~ S i2 Im2^ 



X i m ® i j ^ I m j 



C y^-^^ 



t=0 tim 



T-t 
m 



T 



= g <Hj[T^3 cT;JJp ^--^Hj^cT;^] "i^^r (mod N) 



where 

gtim (= vector git [vector Imi]) is a component 

corresponding to vector Imi for entity m, 
selected from own vector git for 1st block 
of information specifying entity i (t = 0, 
1^ 2 f •••/ T); 

Xiim = vector sn [vector Imi]; 

Xjim (= vector sij [vector Imj ] ) is a component 

corresponding to vector Imj for entity m, 
selected from own vector Sij for j'th block 
of information specifying entity i (j = 2, 
3, • . • , K) ; 



Kim is a common key generated by one entity i 

for another entity m; and 
yim is sum of (K-1) components Xjim (j = 2, 3, 

• • • / K) , that IS, yim = X2im X3iin + ... + 
XKim • 



17. A cryptographic communications method for 
communications of information between entities, wherein 

a plurality of centers are deployed, each of which 

10 generates secret keys peculiar to said entities using 
divided specifying information resulting from division of 
information specifying each of said entities into a 
plurality of blocks, and sends the secret keys to the 
entities respectively; 

15 one entity generates a first common key using a 

first component contained in secret keys peculiar to the 
one entity sent from the centers, encrypts plaintext to 
ciphertext using the first common key, and sends the 
ciphertext to said another entity, the first component 

20 corresponding to divided specifying information for 
another entity; 

said another entity generates a second common key 
identical to the first common key using a second 
component contained in secret keys peculiar to said 

25 another entity sent from the centers, and decrypts said 
ciphertext using the second common key, the second 
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component corresponding to divided specifying information 
for the one entity; and 

computation formulas for generating said secret keys 
at said centers are as follows: 



i-7=g«i i (mod N) 



'W~T=s"> "^^i 1 (mod N) 
"iTT^g"'"'^^'^^ (mod N) 

I 

•i7^=gar'^< >' (mod N) 

I 

'^^S^'^'^'^ ^ii > (mod N) 
15 where 

vector Sij is a secret key corresponding to j'th 
divided specifying information for entity 
i (j = 1, 2, K) 

[vector lij] is j • th divided specifying 
2 0 information for entity i; 

vector 1 is a vector of dimension K wherein all 
components are 1 ; 

Hj is a symmetrical 2"^ x 2"^ matrix made up of 
random numbers ; 
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Mj is size of j ' th divided specifying 

information for entity i; 
K is number of block divisions in information 
specifying entity i; 

Ui is a personal secret random number for entity 
i (where gcd (ai, >^(N)) = 1 and X( • ) is 
Carmichael function) ; 

N is such that N = PQ (where P and Q are 
prime) ; 

Pij is a personal secret random number for 
entity i (where Pii + pi2 + . • • + Pik = 
X(N) ) ; 

g is maximum generating element with modulo N; 
vector git is a secret key for 1st block of 
information specifying entity i (t = 0, 
1/ 2, T)y 
T is degree of exponent portion; and 
if c is a scalar, and A and B are matrixes 
represented in (i) and (ii) below, the 
expressions B = c^ and B = <A>'^ represent 
(iii) and (iv) below, respectively. 

(i) A = ( a^i, ) 

(ii) B = ( b^, ) 
(^^^) b^j, = c^^^ 
( iv ) h = a ^ 



10 



15 



20 



25 



18 • The cryptographic communications method 
according to claim 17, wherein computation formulas for 
generating said common keys are as follows: 



So i m~ S io C 



Slim S i 1 C 



S t i m S i t 



St i m"~ S iT ^ 



^2 i m~ S i2 C 
I 
I 

= 

^ j| i m S i j L 

1 

' - — 



u3 



u3 



u3 



m2^ 
mi ^ 
mK^ 



T-t 
m 



t=0 tim 

T 

T 

= g a-T {„ . (H ^cT;^] +-+Hj^"i^] t ) +>l(N> 

= g <H ,cT^] u*^ ^ -^iijh^ c )^ (m o d N) 
where 

gtim (= vector git [vector Imi]) is a component 
corresponding to vector I^i for entity m, 
selected from own vector git for 1st block 
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of information specifying entity i ( t = 0 , 
1/ 2/ T); 
xiim = vector sn [vector Imi]; 

Xjim (= vector Sij [vector Imj ] ) is a component 
5 corresponding to vector Imj for entity m, 

selected from own vector Sij for j • th block 
of information specifying entity i (j = 2, 

Kim is a common key generated by one entity i 
10 for another entity m; and 

yim is sum of (K-1) components Xjim (j = 2, 3, 

• • • / K) , that xs , yxm ~ ^ixm Xaim • • • 

15 19. A common key generator provided at entities in 

a cryptographic communications system for generating a 
common key to be used in processing to encrypt plaintext 
to ciphertext and in processing to decrypt ciphertext 
back to plaintext, comprising: 

2 0 storage means for storing secret keys peculiar to 

said entities produced, according to computation formulas 
given below, for divided specifying information resulting 
from division of information specifying each of said 
entities into a plurality of blocks; 

25 selection means . for selecting components 

corresponding to divided specifying information for 
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opposite entities to be communicated with, from the 
secret keys stored; and 

means for generating said common keys, according to 
computation formulas given below, using said components 
so selected: 

1 
I 



■i7T=g"i"^^ (mod N) 



g 



^=g«i > (mod N) 

1 

I ^ ^ 

^7^=g«r'^< > (mod N) 



1^ ■i7:^=gar''< (mod N) 

where 

vector Sij is a secret key corresponding to j ' th 
divided specifying information for entity 
i(j=l, 2, ...,K) 
20 [vector Iij] is j ' th divided specifying 

information for entity i; 
.vector 1 is a vector of dimension K wherein all 
components are 1 ; 
Hj is a symmetrical 2"^ x 2"^ matrix made up of 
25 random numbers ; 
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10 



15 



20 



Mj is size of j • th divided specifying 

information for entity i; 
K is number of block divisions in information 

specifying entity i; 
ai is a personal secret random number for entity 

i (where gcd (ai, >^(N) ) = 1 and k{ • ) is 

Carmichael function) ; 
N is such that N = PQ (where P and Q are 

prime) ; 

pij is a personal secret random number for 
entity i (where Pn + Pi2 + . . . + Pik = 
X(N)); 

g is maximum generating element with modulo N; 
vector git is a secret key for 1st block of 
information specifying entity i (t = 0, 



T is degree of exponent portion; and 
if c is a scalar, and A and B are matrixes 
represented in (i) and (ii) below, the 
expressions B = c^ and B = <A>'^ represent 
(iii) and (iv) below, respectively. 



(i) 



A = ( a^i; ) 



(ii) 



B = ( b^, ) 



(iii) 



b 



U If 



(iv) 



b 



= a 



c 



U V 
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50 i m S j 0 t 

51 i m~ S i 1 C 
I 

S i m~ S i t C 



St i m S iT t 



^2 i m~~ S j 2 C 



^ j i m S i j [ 



i m"~ S iK C 



u3 



m2- 



mj 



mK- 



10 



15 



t=0 tim 
— 5 1 t^QT 1 im 1 



T-t 
m 



T 

= g(H,cT^] ^•+HkCT^] (mod N) 



where 
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gtim (= vector git [vector Imi]) is a component 

corresponding to vector Imi for entity m, 
selected from own vector git for 1st block 
of information specifying entity i (t = 0, 
1/ 2, .../ T)y 

Xiim = vector sn [vector Imi]; 

Xjim (= vector sij [vector Imj ] ) is a component 
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corresponding to vector Imj for entity m, 
selected from own vector sij for j * th block 
of information specifying entity i (j = 2, 
3, . . . , K) ; 

5 Kini is a common key generated by one entity i 

for another entity m; and 
yim is sum of (K-1) components Xjim (j = 2, 3, 

, K), that is, yim = Xsim + Xslm + 

XKim • 

10 

20. A cryptographic communications system for 
reciprocally performing, between a plurality of entities, 
encryption processing for encrypting plaintext that is 
information to be sent into ciphertext and decryption 

15 processing for decrypting ciphertext so sent back into 
original plaintext, comprising: 

a plurality of centers each of which generates 
secret keys peculiar to said entities, according to 
computation formulas given below, using divided 

20 specifying information resulting from division of 
information specifying each of said entities into a 
plurality of blocks, and sends said secret keys to said 
entities; and 

a plurality of entities each of which generates a 
25 common key mutually employed in said encryption and 
decryption processing when communicating with another 



entity, according to computation formulas given below, 
using a component contained in own secret key sent from 
said centers, the component corresponding to divided 
specifying information for said another entity: 



Si, =aiH.ClM] + 0 i, 1 



Si2 =aiH2C I + 0 i2 1 



=aiH,.Clii] + flii 1 



SiK = aiHKCl ir] + /3 iK 1 



Si 0 ^ g i (mo d N) 



10 -^^^ccrTS, 



g. J sg"i ^ i 1 (mo d N) 
r-^=g«r'^< ^ii ^ (mo d N) 



gi r=e"'^'^ I >^ (mod N) 
where 

15 vector sij is a secret key corresponding to j'th 

divided specifying information for entity 
i ( j = 1, 2, K) 
[vector lij] is j • th divided specifying 
information for entity i; 
2 0 vector 1 is a vector of dimension K wherein all 

components are 1; 
Hj is a symmetrical 2"^ x 2"^ matrix made up of 

random numbers; 
Mj is size of j'th divided specifying 
25 information for entity i; 
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K is number of block divisions in information 

specifying entity i; 
<Xi is a personal secret random number for entity 

i (where gcd (ai, >^(N) ) = 1 and X( • ) is 

Carmichael function) ; 
N is such that N = PQ (where P and Q are 

prime) ; 

pij is a personal secret random number for 
entity i (where pn + + . . • + Pik = 

>^(N)); 

g is maximum generating element with modulo N; 
vector git is a secret key for 1st block of 
information specifying entity i (t = 0, 

T is degree of exponent portion; and 
if c is a scalar, and A and B are matrixes 
represented in (i) and (ii) below, the 
expressions B = c^ and B = <A>^ represent 
(iii) and (iv) below, respectively. 

(i) A = ( 1, ) 

(ii) B= (b^,) 



10 



Slim S i 1 [ Ifnl^ 



S t i m~" Sit Ifnl^ 



St i m~ S iT C Ijni] 



^2 i m~ S i2 C ltn2^ 



^jim ^ij f-^mj^ 



T c y^"^^ 



t=0 t im 



^ * T-t 



m 



T 

T 

-^5 =g <h,eT^] ^--^Hj^c^l^] t:T;*;^^>'^ (mod N) 

where 

gtim (= vector git [vector Imi]) is a component 

corresponding to vector 1^1 for entity m, 
selected from own vector git for 1st block 
20 of information specifying entity i (t = 0, 

1/ 2/ T)j 

Xiim = vector Sn [vector Imi]; 

Xjim (= vector Sij [vector Imj ] ) is a component 
corresponding to vector I^j for entity m, 
25 selected from own vector Sij for j ' th block 
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of information specifying entity i (j = 2, 
3/ •••/ K); 

Kim is a common key generated by one entity i 
for another entity m; and 
5 yim is sum of (K-1) components Xjim (j = 2, 3, 

• • • / K) , that is , yini = X2im Xaini + • • • , 



21. A computer readable recording medium for 

10 storing a program that generates at entities involved in 
communications a common key mutually used in processing 
to encrypt plaintext to ciphertext and in processing to 
decrypt said ciphertext back to said plaintext in a 
cryptographic communications system, comprising: 

15 first program code means for causing said computer 

to select a component corresponding to divided specifying 
information of one entity that is a ciphertext recipient 
from a secret key peculiar to another entity that is a 
ciphertext sender, according to computation formulas 

2 0 given below, for each of divided specifying information 
resulting from division of information specifying each of 
said entities into a plurality of blocks; and 

second program code means for causing said computer 
to generate said common key, according to computation 

25 formulas given below, using said components selected: 
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gio = g^' (modN) 
^ "iTT=g"'~^^'i (mod N) 

_ ► 2 

■i7^=gar'^< Si 1 >' (jnod N) 

I 
I 
I 

"iTT^e^i"^^ 1 ^ (mo d N) 
10 where 

vector Sij is a secret key corresponding to j • th 

divided specifying information for entity 

i (j = 1, 2, K) 
[vector lij] is j ' th divided specifying 
15 information for entity i; 

vector 1 is a vector of dimension K wherein all 

components are 1 ; 
Hj is a symmetrical 2"^ x 2^^ matrix made up of 

random numbers ; 

20 Mj is size of j • th divided specifying 

information for entity i; 
K is number of block divisions in information 
specifying entity i; 

ai is a personal secret random number for entity 

25 i (where gcd (ai, X(N) ) = 1 and X( • ) is 
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Carmichael function) ; 
N is such that N = PQ (where P and Q are 
prime) ; 

Pij is a personal secret random number for 
5 entity i (where pn + + ... + p^^ = 

X(N)); 

g is maximum generating element with modulo N; 
vector git is a secret key for 1st block of 
information specifying entity i (t = 0, 
10 1, 2, . . . , T) ; 

T is degree of exponent portion; and 
if c is a scalar, and A and B are matrixes 
represented in (i) and (ii) below, the 
expressions B = c^ and B = <A>*^ represent 
15 (iii) ^nd (iv) below, respectively. 

(i) A = ( a^^ ) 

(ii) B = ( b^, ) 



20 



25 



(iv) h = a ^ 



So i m~ S io C Iml^ 



Si i in~ S i 1 C Iml^ 



St i m~ Sit t Ifnil 



St i m~ S iT t Iml^ 



30 



76 



10 



t=0 tim 



T 

= g<H^cl^] [i;;^^ ^'^Hj^n;^] ^W^)'^ (mod N) 

where 

gtim (= vector git [vector Imi]) is a component 
corresponding to vector Imi for entity m, 
15 selected from own vector git for 1st block 

of information specifying entity i (t = 0, 
If 2/ T); 

xiim = vector sn [vector Imi]; 

Xjim (= vector sij [vector Imj ] ) is a component 
2 0 corresponding to vector Imj for entity m, 

selected from own vector Sij for j'th block 
of information specifying entity i (j = 2, 
3, . . . , K) ; 

Kim is a common key generated by one entity i 
25 for another entity m; and 

yim is sum of (K-1) components Xjim ( j = 2, 3, 

77 
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• • • / K ) , "that IS , — X2im ^3im • • • 

22. A computer data signal embodied in a carrier 
5 wave for generating at entities involved in 

communications common keys used in processing to encrypt 
plaintext to ciphertext and in processing to decrypt said 
ciphertext to said plaintext in a cryptographic 
communications system, comprising: 

10 first code segment for causing a computer to select 

a component corresponding to one or more of divided 
pieces of information specifying one entity from a secret 
key peculiar to another entity; and 

second code segment for causing said computer to 

15 generate said common keys using said components selected. 

23. A computer data signal embodied in a carrier 
wave for generating at entities involved in 
communications a common key mutually used in processing 

20 to encrypt plaintext to ciphertext and in processing to 
decrypt said ciphertext back to said plaintext in a 
cryptographic communications system, comprising: 

first code segment for causing a computer to select 
a component corresponding to divided specifying 

25 information of one entity that is a ciphertext recipient 
from a secret key peculiar to another entity that is a 




15 



ciphertext sender, according to computation formulas 
given below, for each of divided specifying information 
resulting from division of information specifying each of 
said entities into a plurality of blocks; and 

second code segment for causing said computer to 
generate said common key, according to computation 
formulas given below, using said components selected: 



Sii=aiHi[Iii] + /3ii 1 



Si2 = aiH2Cli2] + /3 i2 1 



10 Si j = aiHj[Ii3.] + /3 1 

I 



Si 0 = S ' (mo d N) 



■i77"=g«i "^Sj 1 (mod N) 

► 2 

■i7^=gar'^< Si 1 > (mod N) 

'stT^S^'^ ^ ^ (mod N) 

■^=g«i"'^< Si (mod N) 
where 

vector Sij is a secret key corresponding to j * th 
20 divided specifying information for entity 

i (j = 1, 2, K) 
[vector lij] is j • th divided specifying 

information for entity i; 
vector 1 is a vector of dimension K wherein all 
2 5 components are 1; 
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Hj is a symmetrical 2"^ x 2"^ matrix made up of 

random numbers ; 
Mj is size of j'th divided specifying 

information for entity i; 
K is number of block divisions in information 

specifying entity i; 
ai is a personal secret random number for entity 

i (where gcd (ai, X.(N) ) = 1 and X( • ) is 

Carmichael function) ; 
N is such that N = PQ (where P and Q are 

prime) ; 

pij is a personal secret random number for 
entity i (where pn + Pi2 + . . • + piK = 
>.(N)); 

g is maximum generating element with modulo N; 
vector git is a secret key for 1st block of 
information specifying entity i (t = 0, 

1, 2 f m m • f T)p 

T is degree of exponent portion; and 
if c is a scalar, and A and B are matrixes 
represented in (i) and (ii) below, the 
expressions B = c^ and B = <A>^ represent 
(iii) and (iv) below, respectively* 

i) A = ( a^^ ) 





15 



(ii) B= (b„„) 

(iii) b„„ = c^"" 



(iv) b„„ = a„„c 



So i m S i 0 C Ifnl ^ 



Slim 6 i 1 C I ml ^ 



St i m S iT Iml ^ 



i m ^ i j I- I mj ^ 



i m~ S iK C ImK^ 



cr-t) 



t=0 tim 
— S 1 t=OT 1 im 1 



T-t 
im 



T 

T 

= g oT'T {a . (H ^Cl^] Ci;;^] ^-^Hj^cT;^] ) +>l (N) 

= g <H jct;^] ct;;^] -^-t-Hj^cT^] ci;^] (mod n) 

where 

25 gtim (= vector git [vector Imi]) is a component 

corresponding to vector l^i for entity m, 
selected from own vector git for 1st block 
of information specifying entity i (t = 0, 
If 2/ T)f 
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xiim = vector sn [vector Imi ] ; 

Xjim (= vector sij [vector Imj ] ) is a component 

corresponding to vector I^nj for entity m, 
selected from own vector Sij for j * th block 
5 of information specifying entity i (j = 2, 

3, ..w K); 

Kim is a common key generated by one entity i 

for another entity m; and 
yim is sum of (K-1) components Xjin, (j = 2, 3, 

0 / K), that is, yin^ = X2iin + Xalm + 
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